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REMARKS 

The Examiner's Action mailed on May 3, 2006, has been received and its 
contents carefully considered. 

In this Amendment, Applicants have editorially amended claims 1, 17, 18, 
22 and 23. Claim 1 is the sole independent claim, and claims 1-25 remain pending 
in the application. For at least the following reasons, it is submitted that this 
application is in condition for allowance. 

Claims 1-25 were rejected under 35 U.S.C §1 03(a) as being obvious over 
Godwin et al. (U.S. 6,505,192 B1) in view of Harvey et al. (U.S. 2004/0054807 A1) 
This rejection is respectfully traversed. 

Responsive to the rejections made in the Official Action, Claim 1 has been 
amended to recite "building a peer table, wherein the peer table includes fields of 
peer identification, address, prefix, and type" and "searching the peer table, and 
then comparing the Security Policy Database set with the field of address of the 
peer table so as to obtain a corresponding peer-based Security Policy Database". 

Godwin et al. fails to explicitly disclose "building a peer table", as admitted 
in the Office Action, and although Harvey et al. discloses building a number of 
tables, the method proposed by Harvey etal. is a virtual naming scheme trying to 
organize nodes so that the addressing/accessing time can be reduced and the so- 
called GUIDs are generated by one-way consistent hash, such as MD-5. The peer 
table of the present invention is used to handle physical IP addresses, and is 
much different form what Harvey et al. uses. Additionally, the method of the 
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invention was developed by observing the locality of IP addresses, whereas 
Harvey et al. uses two address spaces, one of which is the name ID space (e.g., 
DNS name); and the other one is the hash generated ID. 

The Office Action refers to paragraphs [0254] and [0255] of Harvey et al. 
for building a peer table, and paragraph [0254] is merely the heading "5.3.1 P- 
Table Construction", hence the Office action maintains that the P-Table of Harvey 
et al. corresponds to the claimed peer table. Paragraph [0251] explains that the P- 
Table "is short for the proximity table". Harvey et a/.'s proximity table is not 
equivalent to the claimed peer table, and Harvey et al. fails to disclose that it 
contains the same fields. 

More particularly, nowhere in Harvey et al. provides any specific teaching or 
suggestion of "building a peer table, wherein the peer table includes fields of peer 
identification, address, prefix, and type" as presently claimed. 

Godwin et al, in Fig. 3 and the description thereof, discloses that the rule 
searching occurs at the Internet protocol (IP) layer, and then determines if 
incoming packet contains an authentication header (AH) or an Encapsulation 
Security Payload (ESP), which is not to handle a physical IP address. See the 
paragraph from col. 6, line 47-col. 7, line 1 1, in which the sentence that the Office 
Action appears to allude to has been emphasized in italics: 

FIG. 3 shows how Ipsec rule searching has been implemented in the 
known prior art for packets incoming to a node. This rule searching occurs 
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at the Internet Protocol (IP) layer. Step 302 determines if an incoming 
packet contains an authentication header (AH) or an Encapsulating 
Security Payload (ESP) header. An AH header specifies that 
authentication of the origin of this packet be established. An ESP header 
specifies that the packet is encrypted; an ESP header may also specify 
authentication, as well as encryption. If either of these headers is present, 
a Security association must be identified to determine how to authenticate 
or to decrypt the packet. Step 306 locates the applicable Security 
association using the SPI (Security Parameter Index) as an index into a 
hash table of Security associations. Step 308 uses the information 
contained in the SECURITY_ASSOC to decapsulate (authenticate or 
decrypt) the packet. The authenticated or decrypted packet may now be 
used to search the security rules in sequence to find the first matching 
static or dynamic rule. This is performed at step 304. Step 312 illustrates 
that the search in step 304 continues until a match occurs (the last rule of 
a security database typically matches everything). When a rule match 
occurs, the rule is used to determine at steps 314 and 318 if the packet 
should be discarded. If the packet is not discarded at step 314, step 316 
determines if the matching rule requires that Ipsec processing be applied 
or not. If Ipsec processing is not required and if an AH or ESP header was 
not present in the incoming packet, then the packet is permitted at step 
324. If step 326 determines that an AH or ESP header was present, this 
indicates that Ipsec processing is required, but the matching rule says that 
it is not. This is an inconsistent state and the packet is discarded at step 
328. 

(emphasis added) 

Hence, Godwin et a/, discloses that "Step 306 locates the applicable 
Security association using the SPI (Security Parameter Index) as an index into a 
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hash table of Security associations" but fails to teach or suggest "searching the 



address of the peer table so as to obtain a corresponding peer-based Security 
Policy Database" {emphasis added), and neither does the Office Action contend 
that this is taught by Harvey et al. 

As Godwin et al. and Harvey et al., whether taken separately or in 
combination, fail to teach or suggest all the features recited in claim 1, the claimed 
invention is non-obvious. 

It is submitted that this application is in condition for allowance. Such 
action and the passing of this case to issue are requested. 

Should the Examiner feel that a conference would help to expedite the 
prosecution of this application, the Examiner is hereby invited to contact the 
undersigned counsel to arrange for such an interview. 

Should any fee be required, however, the Commissioner is hereby 
authorized to charge the fee to our Deposit Account No. 18-0002, and advise us 
accordingly. 



peer table , and then comparing the Security Policy Database set with the field of 
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